Apple Safari has been used to exploit a zero-day security hole in Windows 7.
Security company Secunia today announced a highly critical zero-day vulnerability affecting Windows 7. Secunia confirmed that the vulnerability affects fully patched Windows 7 Professional 64-bit and cautioned that other versions may be affected.
The remotely exploitable vulnerability, caused by an error in win32k.sys, enables a hacker to run arbitrary code — such as malware — on a victim’s machine when he or she visits a specially crafted Web page using Safari. Kaspersky Labs’ blog noted, it’s possible that other browsers could be used to exploit the vulnerability.